NSA Whistleblower: The Ultimate Insider Attack

Share

NSA Whistleblower: The Ultimate Insider Attack

When computer security companies release their annual reports about hacking and breaches, they take pains to point out that the insider threat from someone with internal access to data is a far greater risk to a company than an outside hacker.

The more than a million government documents leaked by former Army intelligence analyst Bradley Manning showed this to be true.

But Manning was a low-level analyst who had the same kind of access to classified systems as all other low-level analysts around him. His access was limited to data and documents that others produced, not to the surveillance apparatus and infrastructure itself.

That's what makes the leaks by 29-year-old NSA whistleblower Edward Snowden all the more spectacular and alarming – from the NSA's perspective. The system administrator with the keys to your kingdom, the knowledge of all your secrets and vulnerabilities and the power to control the very operation of your infrastructure, is a far greater threat than anyone else in an organization.

By that measure, Snowden might well be the ultimate inside attacker, since he had not only that rarest of rare views into the core of the intelligence rabbit hole but also the ability to collapse the hole if he'd wanted.

As an "infrastructure analyst" for the NSA – a euphemistic title that has all kinds of defensive and offensive connotations – Snowden said that "I, sitting at my desk, certainly had the authorities to wiretap anyone, from you or your accountant, to a federal judge, to even the President [of the United States] if I had a personal email."

He also had access to the "full rosters of everyone working at the NSA, the entire intelligence community and undercover assets all around the world, the locations of every station we have, what their missions are and so forth," he told the Guardian in a video interview.

"If I had just wanted to harm the U.S., you could shut down the surveillance system in an afternoon, but that's not my intention," he said.

His intent, or at least his hope, was to bring down the intelligence apparatus in a different way – through public exposure and change of policy. Time will tell if his revelations have success in that regard, but his exposures have at least broadened the public's understanding of the scope of the government's surveillance.

Snowden, who used the codename "Verax" (truth teller in Latin) in his communications with reporters to whom he leaked, held several sensitive computer infrastructure positions over the years. At the time of the leaks he was working for the NSA through defense contractor Booz Allen Hamilton – a job he presumably no longer has.

Booz Allen released a statement today saying he had only been an employee of the company for less than three months.

He worked previously as a systems engineer and administrator, as a senior adviser for the CIA and as a telecommunications information systems officer.

He started off as a security guard for one of the NSA's covert facilities at the University of Maryland after being discharged from Army training in 2003, then worked in IT security for the CIA. In 2007, the CIA stationed him with diplomatic cover in Geneva for a computer security job that gave him clearance and access to a wide array of classified documents.

All of these jobs gave him inside knowledge and access that few in the country possess. But it wasn't until 2009, while he was still on the job in Geneva, that he started to think about leaking some of the secrets he knew.

Like Bradley Manning before him, it was that access to documents and his time spent around colleagues that led him to begin questioning the government's activities.

"When you're in positions of privileged access like a systems administrator for these intelligence agencies, you're exposed to a lot more information on a broader scale than the average employee," he said.

"Because of that, you see things that may be disturbing but over the course of a normal person's career you'd only see one or two of these instances. When you see everything, you see them on a more frequent basis and you recognize that some of these things are actually abuses...."

He added, "I'm no different from anybody else. I don't have special skills. I'm just another guy who sits there day to day in the office, watches what's happening and goes, This is something that's not our place to decide. The public needs to decide whether these programs and policies are right or wrong."

In fact he was different from everybody else, due to the access he had to a large swath of data and information.

Much of what he saw in Geneva disillusioned him.

"I realized that I was part of something that was doing far more harm than good," he recalled.

He thought about leaking at the time, but didn't because leaking CIA secrets could have endangered people. He also thought Barack Obama's election to the presidency in 2008 might change things, so he held off.

In 2009 he left the CIA for a job with a private contractor and got assigned to an NSA facility at a military base in Japan.

The next three years exposed him to a broader view of the the NSA's surveillance apparatus and increased his disillusionment and dissatisfaction until he reached the point recently where he decided to leak the information he did – a court order showing that the NSA obtains the phone records of millions of Americans from the phone companies each month, as well as documents describing the surveillance system for obtaining data from internet companies about foreign targets.

There wasn't a single incident or piece of information that finally caused him to become a whistleblower, but a slow burn over many years, as he realized the unstoppable nature of the NSA's surveillance.

"[T]hey are intent on making every conversation and every form of behavior in the world known to them," he told the Guardian about the NSA. He called the agency an "existential threat to democracy."